[gnutls-devel] GnuTLS | fips: adjust RSA self-tests after PKCS#1 v1.5 padding is no longer acceptable (!1932)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Wed Feb 12 11:44:21 CET 2025
Alexander Sosedkin commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1932#note_2343936241
Looks fine to me, assuming the answer to [is it enough to have only PSS KAT test](https://gitlab.com/gnutls/gnutls/-/merge_requests/1907#note_2296471660) is a yes.
Also, on the PCTs, IG 10.3.A opens up with some strictness
> if at the time a PCT on a key pair is performed
> it is known whether the keys will be used in a key agreement scheme,
> digital signature algorithm or to perform a key transport,
> then the PCT shall be performed consistent with the intended use of the keys
> (i.e., TE10.35.01 for key transport, TE10.35.02 1 for signatures,
> or TE10.35.03 2 for key agreement),
> even if the underlying standard does not require a PCT
only to immediately follow up with the following *any*:
> 3. If at the time when the PCT is performed the keys’ intended usage is not known,
> then *any* of the three PCTs described in
> AS10.35 shall be performed on this key pair.
That sharp turn of a rollercoaster simultaneously
1. reads like we can skip testing both in pct_test(GNUTLS_PK_RSA) and
2. makes me uneasy about actually doing that due to its narrative structure =)
Of course, I'm no FIPS lawyer. =/